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DETAILED ACTION 



Claim Rejections - 35 USC §112 



1 . The claims are generally narrative and indefinite, failing to conform with current 
U.S. practice. They appear to be a literal translation into English from a foreign 
document and are replete with grammatical and idiomatic errors. 



2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-5 are rejected under 35 U.S.C. 103(a) as being unpatentable over Diffie 
(U.S. Patent No. 5.371.194) in view of Szabo (U.S. Patent No. 6.014.563 ) . 

4. Referring to the instant claims Diffie, discloses a method for privacy and 
authentication in wireless networks (see abstract). 

Diffie teaches providing a secure wireless communication link between a mobile 
nomadic device and a base computing unit. A mobile sends a host certificate to the 
base along with a randomly chosen challenge value (CH1 ) and a list of supported 
shared key algorithms ("SKCS"). The base determines if the host certificate is valid. If 
the it is not valid, then the base unit rejects the connection attempt. The base then 
sends a random number (RN1) encrypted in mobile's public key and an identifier for the 



Claim Rejections - 35 USC § 103 



Application/Control Number: 09/581 ,359 Page 3 

Art Unit: 2132 

chosen SKCS to the mobile. The base saves the RN1 value and adds the CH1 value 
and the chosen SKCS to messages sent to the base. The mobile unit then validates the 
the certificate and if the certificate is valid, the mobile verifies under the public key of the 
base the signature on the message. The signature is verified by taking the base 
message and appending it to CH1 and the list of shared key algorithms that the mobile 
provided in the first message. If the base signature is not valid, then the communication 
attempt is aborted. In the event that the base signature is valid, the mobile determines 
the value of RN1 by decrypting Pub.sub.-- Mobile, RN1 under the private key of the 
mobile. The mobile then generates RN2 and the session key, and encrypts RN2 under 
the Pub.sub.-- Base. The mobile sends the encrypted RN2 and E(Pub.sub.-- Mobile, 
RN1) to the base. The base then verifies the mobile signature using the Pub.sub.-- 
Mobile obtained from the Cert.sub.-- Mobile. If the mobile signature is verified, the base 
decrypts E(Pub.sub.-- Base, RN2) using its private key. The base then determines the 
session key. The mobile and base may then enter a data transfer phase using 
encrypted data which is decrypted using the session key which is RN1 .sym.RN2 (see 
column 1, lines 44-68 through column 2, lines 1-10). 

5. Referring to the independent claims 1 and 12, the limitation "communication 
system comprising an access network ... having authentication equipment" is met by 
network 30 having authentication equipment in the base unit 27 (see Fig. 3). The 
limitation "allocating a radio channel for the transmission of the information via a radio 
interface from/to base station of the access network" is met by the communication 
channel between the base (27) and the network (30) - see Fig. 3. The limitation 
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"...mutually transmitting public keys between a mobile station and the base station.." is 
met by the base station and the mobile unit exchanging the public keys (see Figs. 4b 
and 4c). The limitation "...encrypting subsequent information to be transmitted ...using 
one of the public keys received by the base station or the mobile station..." is shown in 
Figs 4b and 4c. The limitation "...deciphering encrypted information received by the 
mobile station or base station on the basis of a private key" is met by Fig 5b (block 3 
from the top), which shows that base decrypts information received from the mobile 
station using private key. Diffie, however, does not explicitly teach authenticating the 
subscriber based on the subscriber identity mobile card. 

6. Referring to the instant claims Szabo discloses a radio system for a closed user 
group (see abstract and Fig.1 ). Szabo teaches the device comprising a subscriber data 
base (ID) and means (MM) for checking whether a transmitted subscriber identification 
(IMSI) authorizes a subscriber to access the radio system (PRS) - see abstract and 
Fig.1 . Szabo teaches that subscribers who belong to the closed user group have an 
authorization card, on which a subscriber identification IMSI is stored, which authorizes 
the subscriber to access the radio network. The radiotelephone MS with the card- 
reading device conforms to the GSM standard and can thus also be used for the GSM 
mobile-radio system (see column 2, lines 51-57). Therefore, at the time the invention 
was made, it would have been obvious to one of ordinary skill in the art to modify the 
system for encryption of information for radio transmission and for authentication of 
subscribers of Diffie by authenticating subscribers via subscriber authorization cards 
(i.e. identity mobile cards) as taught in Szabo. One of ordinary skill in the art would have 
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been motivated to modify the system for encryption of information for radio transmission 
and for authentication of subscribers by authenticating subscribers via subscriber 
identity mobile cards as taught in Szabo for accessing the radio network of the user 
group (see Szabo, column 1 , lines 60-65). 

7. Referring to claims 2-5, Diffie teaches sending a plurality of keys from the mobile 
to base and from base to mobile - see SKCS list in Figs. 4a and 4b. 

8. Referring to claim 6, Diffie teaches returning an authentication reply by the 
authentication equipment (see abstract and Fig. 5a). 

9. Referring to claim 7, Diffie teaches "checking the subscriber identity by an 
authentication procedure..." - see Figs. 5a and 5b. 

10. Referring to claim 8, Diffie teaches the use of shared (i.e. secret keys) - see 
abstract. 

1 1 . Referring to claims 9-11, 13 and 14, Diffie shows servicing different networks with 
plurality of subscribers (see Fig. 3). 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Grigory Gurshman whose telephone number is (703) 
306-2900. The examiner can normally be reached on 9 AM-5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (703) 305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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